It appears that I must add another TCP/IP stack so that I can route traffic from a different vmknic to a different gateway.
I must be going about this wrong.
The host has two interfaces. One is on a private network, the other public. I have vmknic0 defined and attached to vSwitch0 on the private interface using the default TCP/IP stack with the default gateway on the same network. I'm able to create vmknic1 and attach it to vSwitch1 on the public interface, but how do I add the appropriate routes?
I read that "Configurations with more than one vmknic interface on the same IP subnet not supported". But is this my configuration? My vmknics are on very different subnets.
The problem I'm looking to solve is how to allow internet-bound traffic to egress my host (for monitor pings, alert emails, etc.). I guess I could use vSphere (which I am also using).
Thanks for any insights.
Hi
First of all, the number of TCP/IP stacks in vSphere is limited, and each of those has a dedicated purpose (vMotion, provisioning, NSX).
Second thing: have you tried to configure a gateway on the vmkernel interface?
In 6.7 U3 you can define a gateway for the vmkernel at either the TCP/IP stack or directly on the vmkernel interface.
Hello Greg and welcome to the forums!
I have a similar setup and did the following:
- Do *not* add a second TCP/IP stack, just use the default one
- Set the default route to the gateway address of your public interface (vmk1)
- For traffic to/from your internal private network, add a static route through the vmk0 interface (you need to do this via command line, see VMware Knowledge Base)
And please make sure that you do not allow any inbound traffic on the public management interface (either through the built-in ESXi firewall or some external firewall). You do not want to expose your host's management interface to the Internet!
- Andreas
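
The steps in the reply above as a dry-run script, added here as an example and not taken from the thread or from VMware's documentation. All addresses are constructed placeholders, and limiting the `sshServer` and `vSphereClient` rulesets to the private subnet is one assumed way to keep management closed on the public side.

```shell
#!/bin/sh
# Added example: prints the esxcli commands for the single-stack setup above.
# Every address below is a constructed placeholder; substitute your own.
PUBLIC_GW="203.0.113.1"                    # gateway on the public (vmk1) network
PRIVATE_GW="10.10.0.1"                     # gateway on the private (vmk0) network
INTERNAL_NETS="10.20.0.0/16 10.30.0.0/16"  # internal networks behind PRIVATE_GW
MGMT_NET="10.10.0.0/24"                    # only sources allowed to reach management
MGMT_RULESETS="sshServer vSphereClient"    # ESXi firewall rulesets to restrict

# Accept only a.b.c.d/len with octets <= 255 and prefix length <= 32.
valid_cidr() {
  echo "$1" | awk -F'[./]' 'NF != 5 { exit 1 }
    { for (i = 1; i <= 4; i++) if ($i !~ /^[0-9]+$/ || $i > 255) exit 1
      if ($5 !~ /^[0-9]+$/ || $5 > 32) exit 1 }'
}

# Emit the commands in a safe order: static routes first, so internal
# management traffic keeps a return path when the default route moves.
plan() {
  for net in $INTERNAL_NETS; do
    valid_cidr "$net" || { echo "bad network: $net" >&2; return 1; }
    echo "esxcli network ip route ipv4 add --gateway $PRIVATE_GW --network $net"
  done
  echo "esxcli network ip route ipv4 add --gateway $PUBLIC_GW --network default"
  valid_cidr "$MGMT_NET" || { echo "bad network: $MGMT_NET" >&2; return 1; }
  # The ESXi firewall filters per service ruleset, not per vmknic, so the
  # public side is closed by allowing only the private management subnet.
  for rs in $MGMT_RULESETS; do
    echo "esxcli network firewall ruleset set --ruleset-id $rs --allowed-all false"
    echo "esxcli network firewall ruleset allowedip add --ruleset-id $rs --ip-address $MGMT_NET"
  done
  echo "esxcli network ip route ipv4 list"   # verify the resulting table
}

# Dry run by default. "apply" executes the plan; run it from the host
# console rather than over the SSH session being restricted.
if [ "${1:-}" = "apply" ]; then plan | sh -e; else plan; fi
```

Review the printed plan before running the script with `apply` on the host.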